PT-2025-43071 · Linux+1 · Linux Kernel+1

Published

2022-11-16

Updated

2025-12-04

CVE-2022-50561

CVSS v2.0

4.6

Medium

Vector

AV:L/AC:L/Au:S/C:N/I:N/A:C

Name of the Vulnerable Software and Affected Versions Linux kernel (affected versions not specified)

Description The Linux kernel contains a memory leak in the iio device register eventset() function. Specifically, when iio device register sysfs group() fails, the attrs array is not freed, leading to a memory leak detected by kmemleak. The affected code is located at drivers/iio/industrialio-event.c:541, drivers/iio/industrialio-core.c:1959, and drivers/iio/industrialio-core.c:2040. The backtrace indicates the involvement of kmalloc and functions related to device registration.

Recommendations At the moment, there is no information about a newer version that contains a fix for this vulnerability.

Exploit

Improper Resource Release

Memory Leak

Found an issue in the description? Have something to add? Feel free to write us 👾

dbugs@ptsecurity.com

Weakness Enumeration

CWE-404CWE-401

Related Identifiers

BDU:2026-03738

CVE-2022-50561

SUSE-SU-2025:4111-1

SUSE-SU-2025:4139-1

SUSE-SU-2025:4149-1

SUSE-SU-2025:4320-1

Affected Products

Linux Kernel

Suse

PT-2025-43071 · Linux+1 · Linux Kernel+1

CVE-2022-50561

Weakness Enumeration

Related Identifiers

Affected Products

References · 449